What businesses need to know about the Economic Crime and Corporate Transparency Act 2023

The Economic Crime and Corporate Transparency Act 2023 makes a number of important changes to corporate transparency and compliance in the UK.

It is going to be easier to prosecute companies for wrongdoing

Prosecutors will no longer have to prove that “the directing mind and will” of a company was behind wrongdoing. Now, any “senior manager” who has engaged in criminality around fraud, tax evasion, sanctions breaches, money laundering, false accounting and bribery can find their actions result in corporate prosecution.

The Serious Fraud Office has increased powers of investigation

The SFO can collect information before an investigation is even opened. They can also send out a notice compelling someone to provide information, and this is before a formal investigation has been launched. Before the change this could only be done after an investigation had already started.

Companies House can scrutinise filings

No longer just a repository of information, Companies House can query or reject filings, remove information on the register, and share data with government and law enforcement.

Failure to prevent fraud is now a corporate offence

Large companies are legally required to put in place reasonable procedures to prevent certain types of fraud. This is similar to the reasonable procedures required by the Criminal Finances Act and adequate Procedures required by the Bribery Act.

Limited partnerships more tightly regulated

Limited partnerships and Scottish limited partnerships have tighter registration requirements. There are new dissolution and deregistration procedures and greater sanctions for non compliance.

Crypto assets can be seized and crypto must be scrutinised

There are more powers to seize crypto assets linked to criminal activity.

Beneficial owners of overseas entities must be disclosed

The Register of Overseas Entities at Companies House will require overseas nominees holding UK land, including trusts, to be reported. This must include more information and there is an offence for failing to comply with an information notice.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”

James

VinciWorks CEO, VInciWorks

Spending time looking for your parcel around the neighbourhood is a thing of the past. That’s a promise.

CLOSE